Forensics and Research Tools
Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider
Adversary tradecraft detection, protection, and hunting
ELF file viewer/editor for Windows, Linux and MacOS.
Volatility Symbol Generator for Linux Kernels
A suite of Volatility 3 plugins for memory forensics of Docker containers
magic-trace collects and displays high-resolution traces of what a process is doing
Performance analysis tools based on Linux perf_events (aka perf) and ftrace
bouheki is a KRSI (eBPF+LSM)-based Linux security auditing tool.
A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders
Packet, where are you? -- eBPF-based Linux kernel networking debugger
A Linux Host-based Intrusion Detection System based on eBPF.
Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
You didn't think I'd go and leave the blue team out, right?
UAC is a powerful and extensible incident response tool designed for forensic investigators, security analysts, and IT professionals. It automates the collection of artifacts from a wide range of U…
Portable Executable reversing tool with a friendly GUI
Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
IDA plugin which queries language models to speed up reverse-engineering
Windows kernel hacking framework, driver template, hypervisor and API written in C++